On Thu, Aug 31, 2006 at 01:12:53PM -0500, GeckoX wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I was in China last year. I was able to create a VPN connection in the US
> with no problem. Most of the web didn't work, even SSL. SSH was completely
> blocked as well, which is why I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was in China last year. I was able to create a VPN connection in the US with
no problem. Most of the web didn't work, even SSL. SSH was completely blocked
as well, which is why I was surprised that I could connect via VPN with no
problems. This
On Thu, Aug 31, 2006 at 01:12:53PM -0500, GeckoX wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was in China last year. I was able to create a VPN connection in the US
with no problem. Most of the web didn't work, even SSL. SSH was completely
blocked as well, which is why I was
Meh...depends where you're at. It's not one giant firewallit's a
regional thing. Beijing must just have high security. Seems odd that
they'd block out SSHbut I suppose SSH is a good way to hide what
you're doing.
On 9/1/06, Matthew Toseland [EMAIL PROTECTED] wrote:
On Thu, Aug 31, 2006
Matthew Toseland wrote:
> It's unnecessary anyway because it only applies to TCP. It does however
> tell us something very interesting and useful: The firewall is stateless !!
heh, it would be damn expensive to do that in a stateful way.
let's see:
>1. Timing.
>2. Packet size.
>3. It's not a
On 08/31, Matthew Toseland wrote:
> > > Have you thought about that ignoring reset packets thing that was
> > > shown to make it possible to bypass The Great Firewall? I mean, I
> > > don't know too much about it, or if it'd be possible for
> > > freenetbut it might be worth looking in to.
> >
On Thu, Aug 31, 2006 at 06:01:45PM +0400, Roman V. Isaev wrote:
> On 08/31, Matthew Toseland wrote:
> > > > Have you thought about that ignoring reset packets thing that was
> > > > shown to make it possible to bypass The Great Firewall? I mean, I
> > > > don't know too much about it, or if it'd
On Wed, Aug 30, 2006 at 11:52:23PM +0200, David 'Bombe' Roden wrote:
> On Wednesday 30 August 2006 23:47, urza9814 at gmail.com wrote:
>
> > Have you thought about that ignoring reset packets thing that was
> > shown to make it possible to bypass The Great Firewall? I mean, I
> > don't know too
Hundreds of projects? Such as? None of them comes anywhere near to our
techology; most of them are either easily harvestable and blockable
proxy networks, or WASTE clones.
On Wed, Aug 30, 2006 at 05:47:43PM -0400, urza9814 at gmail.com wrote:
> Have you thought about that ignoring reset packets
0.7 has no predictable or repeated bytes whatsoever. It can probably be
identified by several more expensive, less reliable techiques at present:
1. Timing.
2. Packet size.
3. It's not a known protocol, therefore it must be bad.
4. Flow analysis.
On Wed, Aug 30, 2006 at 10:35:32PM +0200, inverse
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was in China last year. I was able to create a VPN connection in the US with
no problem. Most of the web didn't work, even SSL. SSH was completely blocked
as well, which is why I was surprised that I could connect via VPN with no
problems. This
urza9814 at gmail.com wrote:
> Have you thought about that ignoring reset packets thing that was
> shown to make it possible to bypass The Great Firewall? I mean, I
> don't know too much about it, or if it'd be possible for
> freenetbut it might be worth looking in to.
it's possible to do
David 'Bombe' Roden wrote:
> Communication between 0.7 nodes doesn't have to exchange public keys,
> those are already known as they are contained in the node reference.
nice!
I definitely need to install 0.7 and capture some packets for testing
On Wednesday 30 August 2006 23:47, urza9814 at gmail.com wrote:
> Have you thought about that ignoring reset packets thing that was
> shown to make it possible to bypass The Great Firewall? I mean, I
> don't know too much about it, or if it'd be possible for
> freenetbut it might be worth
On Wednesday 30 August 2006 22:35, inverse wrote:
> beyond harvesting the connected IP addresses to raid their owner's
> homes, one big concern with encrypted protocols is that they can be
> filtered out by application-level scanning firewalls. I think this is
> exactly what's happening in China.
0.7 has no predictable or repeated bytes whatsoever. It can probably be
identified by several more expensive, less reliable techiques at present:
1. Timing.
2. Packet size.
3. It's not a known protocol, therefore it must be bad.
4. Flow analysis.
On Wed, Aug 30, 2006 at 10:35:32PM +0200, inverse
Hundreds of projects? Such as? None of them comes anywhere near to our
techology; most of them are either easily harvestable and blockable
proxy networks, or WASTE clones.
On Wed, Aug 30, 2006 at 05:47:43PM -0400, [EMAIL PROTECTED] wrote:
Have you thought about that ignoring reset packets thing
On Wed, Aug 30, 2006 at 11:52:23PM +0200, David 'Bombe' Roden wrote:
On Wednesday 30 August 2006 23:47, [EMAIL PROTECTED] wrote:
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about
On 08/31, Matthew Toseland wrote:
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible for
freenetbut it might be worth looking in to.
That would
On Thu, Aug 31, 2006 at 06:01:45PM +0400, Roman V. Isaev wrote:
On 08/31, Matthew Toseland wrote:
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible
Matthew Toseland wrote:
It's unnecessary anyway because it only applies to TCP. It does however
tell us something very interesting and useful: The firewall is stateless !!
heh, it would be damn expensive to do that in a stateful way.
let's see:
1. Timing.
2. Packet size.
3. It's not a known
Matthew Toseland wrote:
> Well on the most trivial level, 0.5 doesn't work in china.
>
yo,
beyond harvesting the connected IP addresses to raid their owner's
homes, one big concern with encrypted protocols is that they can be
filtered out by application-level scanning firewalls. I think this
It wasn't safe enough, though, I suppose.
On 30 Aug 2006 03:27:04 -, Crash at remailer-debian.panta-rhei.eu.org <
Crash at remailer-debian.panta-rhei.eu.org> wrote:
>
> On Tue, 29 Aug 2006 22:01:06 +0100, you wrote:
> >
> > Freenet 0.5 had opennet, and yet it was a failure.
> >
>
> Ok, I
Well on the most trivial level, 0.5 doesn't work in china.
On Wed, Aug 30, 2006 at 08:51:32PM +0200, Ortwin Regel wrote:
> It wasn't safe enough, though, I suppose.
>
> On 30 Aug 2006 03:27:04 -, Crash at remailer-debian.panta-rhei.eu.org <
> Crash at remailer-debian.panta-rhei.eu.org>
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible for
freenetbut it might be worth looking in to.
Also just wanna add that I fully support the desire to help
On Tue, 29 Aug 2006 22:01:06 +0100, you wrote:
>
> Freenet 0.5 had opennet, and yet it was a failure.
>
Ok, I gotta know this. How is 0.5 considered a failure. I use it daily and
it works flawlessly, Frost messages flow as well as ever, as do downloads of
splitfiles. Yesterday I retrieved a
On Tue, 29 Aug 2006 22:01:06 +0100, you wrote:
Freenet 0.5 had opennet, and yet it was a failure.
Ok, I gotta know this. How is 0.5 considered a failure. I use it daily and
it works flawlessly, Frost messages flow as well as ever, as do downloads of
splitfiles. Yesterday I retrieved a
It wasn't safe enough, though, I suppose.On 30 Aug 2006 03:27:04 -, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
On Tue, 29 Aug 2006 22:01:06 +0100, you wrote: Freenet 0.5 had opennet, and yet it was a failure.Ok, I gotta know this.How is 0.5 considered a failure. I use it daily andit works
Well on the most trivial level, 0.5 doesn't work in china.
On Wed, Aug 30, 2006 at 08:51:32PM +0200, Ortwin Regel wrote:
It wasn't safe enough, though, I suppose.
On 30 Aug 2006 03:27:04 -, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
On Tue, 29 Aug 2006 22:01:06 +0100, you wrote:
Matthew Toseland wrote:
Well on the most trivial level, 0.5 doesn't work in china.
yo,
beyond harvesting the connected IP addresses to raid their owner's
homes, one big concern with encrypted protocols is that they can be
filtered out by application-level scanning firewalls. I think this
On Wednesday 30 August 2006 22:35, inverse wrote:
beyond harvesting the connected IP addresses to raid their owner's
homes, one big concern with encrypted protocols is that they can be
filtered out by application-level scanning firewalls. I think this is
exactly what's happening in China.
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible for
freenetbut it might be worth looking in to.
Also just wanna add that I fully support the desire to help
On Wednesday 30 August 2006 23:47, [EMAIL PROTECTED] wrote:
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible for
freenetbut it might be worth looking in
David 'Bombe' Roden wrote:
Communication between 0.7 nodes doesn't have to exchange public keys,
those are already known as they are contained in the node reference.
nice!
I definitely need to install 0.7 and capture some packets for testing
___
[EMAIL PROTECTED] wrote:
Have you thought about that ignoring reset packets thing that was
shown to make it possible to bypass The Great Firewall? I mean, I
don't know too much about it, or if it'd be possible for
freenetbut it might be worth looking in to.
it's possible to do it, but
35 matches
Mail list logo
